禁用SQL成员资格提供程序(ASP.Net窗体身份验证) [英] Disable SQL Membership Provider (ASP.Net Forms Authentication)
问题描述
我已经设置为需要基本的密码保护客户端的琐碎preVIEW网站。我使用窗体身份验证与的web.config
指定的凭据。
工作正常上我的盒子的(鬼才)的
块引用>然而,当我部署到运行的Win2008生产网站,验证code试图打开一个SQL Server数据库(我在
没有提及任何SQL的web.config
)。如何禁用,以便认证是基于我在web.config中输入的凭据这种行为
?异常事件日志
无法连接到SQL Server数据库。
在System.Web.Management.SqlServices.GetSqlConnection(字符串服务器,用户字符串,字符串密码,布尔信赖,字符串的connectionString)
在System.Web.Management.SqlServices.SetupApplicationServices(字符串服务器,用户字符串,字符串密码,布尔信赖,字符串的connectionString,数据库字符串,字符串dbFileName,SqlFeatures功能,布尔安装)
在System.Web.DataAccess.SqlConnectionHelper.CreateMdfFile(字符串fullFileName,DATADIR字符串,字符串的connectionString)
在System.Web.DataAccess.SqlConnectionHelper.EnsureSqlEx pressDBFile(字符串的connectionString)
...
在System.Data.SqlClient.SqlConnection.Open()在System.Web.Management.SqlServices.GetSqlConnection(字符串服务器,用户字符串,字符串密码,布尔信赖,字符串的connectionString)结果
http://my.site.com/Login.aspx?ReturnUrl=/的web.config (相关部分)
<&的System.Web GT;
<编译targetFramework =4.0/>
<身份验证模式=表格>
<形式的名称=appNameAuth路径=/loginUrl =的Login.aspx保护=所有超时=30>
<凭证了passwordFormat =SHA1>
<使用者名称=我密码=SHA1OfMyPassword/>
< /凭证>
< /形式GT;
< /认证>
<授权>
<拒绝用户= /&gt的帮助?
<让用户=我/>
< /授权> < /system.web>
解决方案事实证明,生产机器上的SQL成员资格提供在machine.config中定义的。我不认为运营团队从改变默认的Windows 2008上安装任何东西,所以这可能是一般为该平台的情况。
要删除对在更高层次上定义的SQL供应商包括在你的web.config以下
<会员和GT;
<供应商>
<清/>
< /供应商>
< /会员>
< roleManager启用=false的>
<供应商>
<清/>
< /供应商>
< / roleManager>
<型材>
<供应商>
<清/>
< /供应商>
< / profile文件>I have setup a trivial preview website for a client that needs basic password protection. I'm using Forms Authentication with the credentials specified in
web.config
.Everything works fine on my box (famous last words)
However, when I deploy to a production website running Win2008, the authentication code attempts to open a SQL Server database (I have no reference to anything SQL in
web.config
). How can I disable this behavior so that authentication is based on the credentials I have entered inweb.config
?Exception in Event Log
Unable to connect to SQL Server database. at System.Web.Management.SqlServices.GetSqlConnection(String server, String user, String password, Boolean trusted, String connectionString) at System.Web.Management.SqlServices.SetupApplicationServices(String server, String user, String password, Boolean trusted, String connectionString, String database, String dbFileName, SqlFeatures features, Boolean install) at System.Web.DataAccess.SqlConnectionHelper.CreateMdfFile(String fullFileName, String dataDir, String connectionString) at System.Web.DataAccess.SqlConnectionHelper.EnsureSqlExpressDBFile(String connectionString) ... at System.Data.SqlClient.SqlConnection.Open() at System.Web.Management.SqlServices.GetSqlConnection(String server, String user, String password, Boolean trusted, String connectionString)
http://my.site.com/Login.aspx?ReturnUrl=/web.config (relevant portion)
<system.web> <compilation targetFramework="4.0" /> <authentication mode="Forms"> <forms name="appNameAuth" path="/" loginUrl="Login.aspx" protection="All" timeout="30"> <credentials passwordFormat="SHA1"> <user name="me" password="SHA1OfMyPassword" /> </credentials> </forms> </authentication> <authorization> <deny users="?"/> <allow users="me" /> </authorization> </system.web>
解决方案It turns out that, on the production machine, the SQL membership provider was defined in machine.config. I don't think the ops team changed anything from the default Windows 2008 install, so that's probably generally the case for that platform.
To remove references to any SQL providers defined at a higher level include the following in your web.config
<membership> <providers> <clear /> </providers> </membership> <roleManager enabled="false"> <providers> <clear /> </providers> </roleManager> <profile> <providers> <clear /> </providers> </profile>
这篇关于禁用SQL成员资格提供程序(ASP.Net窗体身份验证)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!